Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/7a6545-5277-40f3-b366-2ea87e6ea2a0/1/VcY8ywC4bBZL6bKLINC0BGmsbTw.roa
File: VcY8ywC4bBZL6bKLINC0BGmsbTw.roa (raw, json)
Hash identifier: 4IuIFeYkSITytykH/41/nGAoiPNCUNzqHEim0lcUhVE=
Subject key identifier: 55:C6:3C:CB:00:B8:6C:16:4B:E9:B2:8B:20:D0:B4:04:69:AC:6D:3C
Certificate issuer: /CN=d356ae625d9506df4a3e577b24a86fce3c73a8f8
Certificate serial: 0186B8BED99C3D5FD8E9CB76E6C3D390CAFC
Authority key identifier: D3:56:AE:62:5D:95:06:DF:4A:3E:57:7B:24:A8:6F:CE:3C:73:A8:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/01auYl2VBt9KPld7JKhvzjxzqPg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/7a6545-5277-40f3-b366-2ea87e6ea2a0/1/VcY8ywC4bBZL6bKLINC0BGmsbTw.roa
Signing time: Mon 06 Mar 2023 21:06:00 +0000
ROA not before: Mon 06 Mar 2023 21:06:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 224
IP address blocks: 109.105.125.64/26 maxlen: 26
109.105.127.128/26 maxlen: 26
2001:948:62:3::/64 maxlen: 64
2001:948:62:4::/64 maxlen: 64
2001:948:61:1::/64 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:b8:be:d9:9c:3d:5f:d8:e9:cb:76:e6:c3:d3:90:ca:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d356ae625d9506df4a3e577b24a86fce3c73a8f8
Validity
Not Before: Mar 6 21:06:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=55c63ccb00b86c164be9b28b20d0b40469ac6d3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fd:a3:bf:64:58:73:fd:62:8c:d1:ea:b4:33:dc:
6b:89:e5:0b:8f:4e:d1:55:0e:62:22:f0:a2:8e:6e:
d3:53:7c:7b:19:9a:eb:9e:cd:45:4e:be:97:9f:d7:
22:b3:41:a8:3f:48:79:e6:47:c9:65:c9:ab:f2:25:
7b:44:22:e4:72:4e:98:bc:65:20:c3:4c:d8:90:e4:
ff:eb:51:59:d7:e1:62:b5:35:8f:12:9e:a3:cb:d3:
e3:1c:6a:31:a2:d6:57:b6:d7:4e:22:7c:1f:e9:50:
de:dd:e5:49:71:20:68:05:6c:1b:e4:db:1c:9d:9f:
bb:29:ae:25:29:ed:d5:79:eb:cd:18:54:e9:7c:e6:
e5:57:c9:af:06:1e:27:a5:e0:34:62:bd:67:28:69:
fb:18:49:9a:8e:8e:81:a1:94:ca:f2:b1:82:5c:d3:
71:2c:90:11:42:e9:8a:41:26:64:c8:ab:6a:72:e9:
1c:32:dd:5d:3b:b5:45:1f:c8:f1:c0:6e:09:82:91:
48:e9:73:3a:ae:f3:99:13:50:46:aa:36:e7:5f:df:
52:70:f9:d2:96:b7:0e:a4:df:50:2b:d8:ec:9d:f8:
fd:6c:8c:02:d8:9d:b9:ff:6d:94:19:a6:60:43:fd:
3f:ab:f3:c6:dc:26:64:e8:05:10:f9:79:5b:8b:cb:
e5:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:C6:3C:CB:00:B8:6C:16:4B:E9:B2:8B:20:D0:B4:04:69:AC:6D:3C
X509v3 Authority Key Identifier:
keyid:D3:56:AE:62:5D:95:06:DF:4A:3E:57:7B:24:A8:6F:CE:3C:73:A8:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/01auYl2VBt9KPld7JKhvzjxzqPg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/7a6545-5277-40f3-b366-2ea87e6ea2a0/1/VcY8ywC4bBZL6bKLINC0BGmsbTw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/7a6545-5277-40f3-b366-2ea87e6ea2a0/1/01auYl2VBt9KPld7JKhvzjxzqPg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.105.125.64/26
109.105.127.128/26
IPv6:
2001:948:61:1::/64
2001:948:62:3::-2001:948:62:4:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
d0:48:6e:43:77:d5:1a:35:0d:fe:c1:61:aa:38:14:c7:e0:ac:
8c:18:33:94:b9:c2:ab:c5:93:44:5b:c0:89:8f:b1:46:c9:c0:
75:08:7c:68:16:3c:fc:c4:35:0b:e5:b6:bb:d3:49:53:84:eb:
09:fa:50:20:fe:52:f9:11:4a:e2:59:bd:63:cf:65:36:b3:11:
af:49:8b:46:f9:b1:c3:c7:80:d0:24:df:a7:2a:11:ad:71:2c:
a8:ad:c3:a0:e9:88:f3:3a:4c:2d:45:a6:af:53:e7:ff:25:51:
70:bb:ae:ed:0f:0e:fa:eb:5e:f4:79:54:04:89:fb:33:6b:b4:
1b:88:45:85:e4:96:ec:66:03:e8:4e:37:4f:54:d7:33:a9:6e:
37:6e:e3:b4:65:16:b5:7a:ca:32:dd:89:b4:96:74:7b:dc:17:
83:56:9e:dd:0a:a3:6d:65:d9:e5:b8:39:64:5e:d0:b5:d3:8a:
58:a5:e2:b1:4e:3a:fc:8c:f7:ac:ce:72:6f:f1:76:0a:34:88:
ce:86:3b:91:aa:69:67:23:36:20:54:7c:35:d2:9c:05:0f:4a:
f5:be:ca:76:0c:a7:d2:55:01:b1:ac:58:0c:21:4e:a4:ab:b6:
db:2a:36:4f:d6:07:50:4a:69:98:77:d1:f6:40:dd:b2:89:b2:
43:49:80:6f
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYa4vtmcPV/Y6ct25sPTkMr8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNTZhZTYyNWQ5NTA2ZGY0YTNlNTc3YjI0YTg2ZmNlM2M3
M2E4ZjgwHhcNMjMwMzA2MjEwNjAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWM2M2NjYjAwYjg2YzE2NGJlOWIyOGIyMGQwYjQwNDY5YWM2ZDNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/aO/ZFhz/WKM0eq0M9xrieULj07R
VQ5iIvCijm7TU3x7GZrrns1FTr6Xn9cis0GoP0h55kfJZcmr8iV7RCLkck6YvGUg
w0zYkOT/61FZ1+FitTWPEp6jy9PjHGoxotZXttdOInwf6VDe3eVJcSBoBWwb5Nsc
nZ+7Ka4lKe3VeevNGFTpfOblV8mvBh4npeA0Yr1nKGn7GEmajo6BoZTK8rGCXNNx
LJARQumKQSZkyKtqcukcMt1dO7VFH8jxwG4JgpFI6XM6rvOZE1BGqjbnX99ScPnS
lrcOpN9QK9jsnfj9bIwC2J25/22UGaZgQ/0/q/PG3CZk6AUQ+Xlbi8vlfQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFFXGPMsAuGwWS+myiyDQtARprG08MB8GA1UdIwQY
MBaAFNNWrmJdlQbfSj5XeySob848c6j4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDFhdVlsMlZCdDlLUGxkN0pLaHZ6anh6cVBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS83YTY1NDUtNTI3Ny00MGYzLWIzNjYt
MmVhODdlNmVhMmEwLzEvVmNZOHl3QzRiQlpMNmJLTElOQzBCR21zYlR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS83YTY1NDUtNTI3Ny00MGYzLWIzNjYtMmVhODdlNmVhMmEw
LzEvMDFhdVlsMlZCdDlLUGxkN0pLaHZ6anh6cVBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAUBAIAATAOAwUGbWl9QAMF
Bm1pf4AwKQQCAAIwIwMJACABCUgAYQABMBYDCQAgAQlIAGIAAwMJACABCUgAYgAE
MA0GCSqGSIb3DQEBCwUAA4IBAQDQSG5Dd9UaNQ3+wWGqOBTH4KyMGDOUucKrxZNE
W8CJj7FGycB1CHxoFjz8xDUL5ba700lThOsJ+lAg/lL5EUriWb1jz2U2sxGvSYtG
+bHDx4DQJN+nKhGtcSyorcOg6YjzOkwtRaavU+f/JVFwu67tDw766170eVQEifsz
a7QbiEWF5JbsZgPoTjdPVNczqW43buO0ZRa1esoy3Ym0lnR73BeDVp7dCqNtZdnl
uDlkXtC104pYpeKxTjr8jPesznJv8XYKNIjOhjuRqmlnIzYgVHw10pwFD0r1vsp2
DKfSVQGxrFgMIU6kq7bbKjZP1gdQSmmYd9H2QN2yibJDSYBv
-----END CERTIFICATE-----
Generated at Sun Apr 20 20:02:28 2025 by rpki-client